Method and apparatus for verification of classes of documents.

Method and apparatus for verification of documents belonging to selected groups of classes of such documents. The documents are verified to assure that information contained in the documents is authenticated and unchanged. In one embodiment of the subject invention the documents may be identification cards including both text (T) and an image (I) of the bearer. Each document also includes encrypted information Ei[M] derived from the document, an encrypted decryption key CEj[Di] for decrypting the encrypted information, and information identifying the document as a member of the jth class Cj of a group of classes of documents. Verifying apparatus validates the document by scanning information from the document, decrypting the encrypted decryption key, using the decryption key so obtained to decrypt the encrypted information, and comparing the recovered encrypted information with information derived from the document directly. The verifying apparatus is responsive to enabling information from a data center (40) to enable the verifying apparatus to decrypt the encrypted decryption key for any document in a selected group of classes.

The present invention generally relates to a reliable document verification system and, in particular, relates to a reliable document verification system using a public key cryptosystem.

Throughout history one of the tasks undertaken by many people and organizations has been proving the authenticity of the information content of documents. The importance of actually proving the authenticity of a document can range from merely identifying a signature to verifying military and/or political intelligence. Further, as often as one tries to demonstrate the authenticity of a document, there is usually at least one party that attempts to forge a document. Hence, there has been, and probably will continue to be, an ongoing struggle to be able to reliably verify documents.

Over the years technological advances have brought new meaning to the word "document". Today, a document may be, for example, an electronically generated receipt from a banking machine or a digitized recording on an optical recording disk. For the purpose of this patent application, therefore, the word "document" should be interpreted to include any information placed on any medium including, but not limited to, magnetic disks, optical disks or paper.

Another, similar task that has just as colorful a history as document authentication is the secure communication of information, which commonly includes the use of encryption/decryption techniques. Similar to the forger referred to above, there is usually at least one party that is interested in either stealing the information being communicated that has been encrypted or supplying false information in an encrypted format so that the receiver thereof is disinformed, or both. Hence, throughout history various encryption/decryption schemes have been developed that, at least for a time, were thought to be secure, only for it to be discovered that the security had been compromised. Again, technological advances have considerably changed the field of cryptography. For example, with modern computers many cryptographic techniques can be broken in a relatively short period of time due, primarily, to the speed at which computers perform mathematical operations.

One presently secure cryptographic technique is generally known as the public key cryptographic system. One particular form of such a system is fully described and discussed in the basic article entitled "A Method For Obtaining Digital Signatures and Public Key Cryptosystems" by R. L. Rivest, A. Shamir and L. Adelmann, Volume 21 #2, February 1978, Communications of ACM pages 120-126. This particular system is frequently referred to as the RSA public key cryptosystem.

Public key techniques, as pointed out in the article entitled "Public Key Cryptography" by John Smith, in the January 1983 edition of Byte Magazine, pages 189-218, usually include two different kinds of keys: encryption keys and decryption keys. These keys have the properties that: a) it is possible to compute a pair of keys including an encryption key and a decryption key; b) for each pair, the decryption key is not the same as the encryption key; and c) it is not feasible to compute the decryption key even from the knowledge of the encryption key. In addition, in such a cryptosystem, the encryption and decryption keys are functionally reversible, i.e. if one key is used to encrypt, the other key can be used to decrypt whatever has been encrypted.

As known, the name "public key" is derived from the fact that each party's encryption key can be made available, i.e. public, to all parties subscribing to the particular public key network involved. Hence, as currently used, public key cryptographic systems are designed for the direct communication between any two subscribing parties, each party having an unpublished decryption key and a published encryption key.

The public key cryptographic system has also found use in providing accurate identification of the source of a document. As discussed on pages 217-218 of the Smith article, a sender can effectively sign a message by first encrypting the message, or an authenticating portion thereof, such as, for example, the name of the sender, using the private decryption key of the sender and then encrypting the message with the public encryption key of the receiving party. This results in a message portion that only the sender could have created and only the receiver can read. Hence, two party communication can, so long as public key cryptographic systems are secure, be implemented in such a fashion that the authenticity of a document can be ensured.

Nonetheless, there remain many instances where there is a need, or desire, for a third party to authenticate a document relevant to, or communicated between, two other parties. One example of such a situation would exist if a first party were required, or simply desired, to prove, or demonstrate, the authenticity of a particular document to a second party. In such a situation, it could be most beneficial if a third party could provide a means for authenticating that document. One particular situation that could exist would be where a dispute over the authenticity of a document arose between two parties and an impartial third party was selected to resolve the issue to the satisfaction of both parties. Such a situation might arise when, in accordance with an agreement between two parties, one of the parties was to maintain certain records such that the second party could review those records to ensure compliance with the agreement. In such a situation it would be most beneficial if a third party were available to demonstrate the accuracy/inaccuracy of the records to the auditing second party.

One solution to the problems described above is set forth in U.S. patent no. 4,853,961; to: Pastor; issued: August 1, 1988; for: Reliable Document Authentication System. This patent discloses a system wherein information from a document, preferably postage information from a mailpiece, is encrypted using an encryption key Ei and incorporated with the document. The corresponding decryption key Di is encrypted with a second encryption key E1 and also incorporated with the document. To verify the document as authentic, a party wishing to verify the document is provided with the decryption key D1 corresponding to encryption key E1, recovers key Di, decrypts the encrypted information, and compares it to the information originally in the document. The Pastor patent contemplates that all keys are provided by a trusted third party and thus the verifying party may be assured that the document has not been changed after the encrypted information was incorporated.

A particular application of this document verification technique is disclosed in commonly assigned, co-pending U.S. patent application serial no. 07/979,081; by: Marcus; filed: November 20, 1992; for: Secure Identification Card and Method and Apparatus For Producing And Authenticating Same. Marcus discloses a system for producing and verifying identification cards; that is, documents which serve to prove the identity and status of an associated person or other entity. In this application the encrypted information from the identification card would include information describing the person or other entity to be identified. Particularly, the encrypted information may include information representative of an image of a person to be identified. A typical example of such an identification card would be a driver's license which serves to identify the bearer and to confirm the bearer's status as a licensed driver.

As is well known, driver's licenses and similar identification cards are used not only for their intended purpose, but are also frequently used by third parties to verify the identity, age, etc. of the bearer. For example, retail establishments frequently wish to verify a driver's license before cashing a check or selling liquor. The system disclosed in the Marcus application is particularly adapted to this, since the keys provided to third parties will not allow the third party to forge false documents, as would be possible using single key systems.

While the system disclosed in the Marcus application is believed highly satisfactory for its intended purpose, it does not contemplate the problem of a third party who wishes to verify documents from a number of sources. For example, a bar owner close to a state line may wish to have the capability to verify driver's licenses from one or more neighboring states, while a similar bar owner in the middle of the state may have no need for such capability, while a retailer located near a popular tourist attraction may have a need to verify driver's licenses from all over the United States.



Consequently, it would be highly desirable to provide a method and apparatus for reliably validating documents in general and, in particular, to reliably validate documents belonging to a plurality of classes.

The above aim is achieved and the disadvantages of the prior art are overcome in accordance with the subject invention by means of a method and apparatus for verifying a document belonging to a particular, jth class of documents, the jth class being one of a plurality of classes of documents, each corresponding to a particular encryption/decryption key pair CE, CD. The document incorporates encrypted information Ei[M] comprising information derived from the document and encrypted with an encryption key Ei for an encryption/decryption key pair Ei, Di, where the key pair Ei, Di can be varied from document to document and/or from class to class. The document further includes an encrypted decryption key CEj[Di] formed by encrypting decryption key Di with encryption key CEj. In accordance with the method and apparatus of the subject invention enabling information for enabling retrieval of a decryption key from any document in a selected group of classes is provided. It is then determined if the subject document is in the selected group, and if so the decryption key Di is retrieved from the document. Key Di is then used to decrypt the encrypted information Ei[M] to obtain decrypted information Di[Ei[M]] and the information M is derived from the document. Decrypted information Di[Ei[M]] is then compared with information M to verify that the information contained in the subject document is authentic and unchanged.

In accordance with one aspect of the subject invention verifying apparatus for receiving the enabling information and for decrypting the encrypted information Ei[M] includes a memory for storing preselected decryption keys CD, the keys CD being in one-to-one correspondence with the classes, and the verifying apparatus also includes an enabling apparatus responsive to the enabling information to enable the validating apparatus to access selected groups of the preselected keys. In accordance with this aspect of the subject invention the enabling information includes information defining a group of the preselected keys CD corresponding to the selected group of classes.

In accordance with another aspect of the subject invention the verifying apparatus comprises a memory for storing a plurality of decryption keys CD and the enabling information includes information defining a group of the decryption keys CD corresponding to the selected group of classes, and the verifying apparatus responds to the enabling information to store the group of keys CD in the memory.

In accordance with another aspect of the subject invention the document incorporates a second encrypted decryption key GE[Di] encrypted with a group encryption key GE for an encryption/decryption key pair GE, GD. In accordance with this aspect of the subject invention documents in at least one other class of documents incorporate a third encrypted decryption key encrypted with group encryption key GE. Still further in accordance with this aspect of the subject invention the verifying apparatus includes a memory for storing a decryption key and the enabling information includes information defining a corresponding group decryption key GD which enables decryption of encrypted decryption keys on all documents comprised in the selected group of classes, and the verifying apparatus responds to the enabling information to store decryption key GD in the memory.

In accordance with still another aspect of the subject invention, the enabling information is transmitted from a data center to the verifying apparatus in encrypted form.

In accordance with yet another aspect of the subject invention, request information is transmitted to the data center to request enabling information for a selected group of classes, the request information including encrypted information identifying the verifying apparatus, the data center decrypting the encrypted identifying information and responding to transmit the requested enabling information to the verifying apparatus.

Thus, it can be seen that the invention as described and illustrated herein advantageously achieves the above object and overcomes the difficulties of the prior art by providing a method and apparatus for easily verifying groups of classes of documents. Other objects and advantages of the subject invention will be readily apparent to those skilled in the art from consideration of the attached drawings and the detailed descriptions set forth below.

Figure 1 is a schematic block diagram of an apparatus for producing a document to be verified in accordance with the subject invention.

Figure 2 is a schematic block diagram of an apparatus for verifying an identification card produced in accordance with the subject invention.

Figures 3 and 4 are schematic representations showing the data relationships between a document and the validating apparatus for various embodiments of the subject invention.

Detailed Description Of Preferred Embodiments 
Of The Subject Invention 

Figure 1 shows a schematic block diagram of apparatus 10 for producing a document, more particularly an identification card C. A person (or other object or entity) for whom the identification card is intended is scanned by a conventional video scanner 12 to produce a first signal representative of that person's image. Preferably, the first signal is then converted to a digital form by an analog-to-digital convertor 14 for processing in the digital domain.

The first signal is then input to a compression module 16 where it is compressed to reduce the amount of data which must be stored on identification card C.

Data compression algorithms, specifically adapted for compression of video image signals, are known to those skilled in the art. Preferably, an algorithm known as the JPEG algorithm, which is known and commercially available, is used in compressor 16. Further description of the operation of compressor 16 is not believed necessary to an understanding of the subject invention.

The compressed first signal is then input to an encrypter 20 to be included in the encrypted second signal which will be incorporated into identification card C, as will be described further below. Encrypter 20 encrypts the second signal using an encryption key, Ei, for a public key encryption system such as the well known RSA system.

The encrypted second signal is then encoded in accordance with some predetermined format by coder module 22, which controls code generator 24 to incorporate the encoded encrypted second signal in a portion of identification card C.

In accordance with a preferred embodiment of the subject invention the coded signal is coded as a two dimensional barcode, such as the PDF-417 standard barcode, developed by the Symbol Technology Corporation of New York. However, the encrypted second signal may be coded into any suitable format. For example, for a smart card or a memory card, coder 22 and code generator 24 may store the coded second signal as an appropriately formatted binary data block.

Where the coded second signal is represented as a two dimensional barcode the barcode will preferably be printed on back CB of identification card C.

The digitized first signal is also input to printer 20 which may use any appropriate technology for the production of identification card C to print an image of the person O on front CF of identification card C. Front CF and back CB are then combined and laminated using well known technology by laminator 32 to produce identification card C.

At least a portion of the text message is combined with the compressed form of the first signal to form the second signal which is encrypted by encrypter module 20 to provide encrypted information Ei[M]. Information M is also printed as plain text on the front CF of card C. Alternatively, text T may be compressed, as for example by deletion of control characters, which are restored in accordance with a predetermined format when text T is recovered, before text T is incorporated into the second signal. Thus, like image I, text T is embodied in card C in both humanly recognizable form on the front CF and coded form on the back CB of card C.

In a preferred embodiment of the subject invention a data center 40 transmits encryption code Ei to encrypter module 20. In order to increase the security of identification card C, key Ei may be changed from time to time. For the highest level of security key Ei may be changed for each card C produced.

To facilitate decryption of encrypted information Ei[M] data center 40 also transmits an encrypted decryption key X[Di] to be appended to the encrypted information Ei[M] by coder module 22. Encryption key X can be either a class encryption key CE for a particular class of documents produced by apparatus 10; or, in other embodiments of the subject invention, may be a group encryption key GE for a group of classes of documents; or, in still other embodiments of the subject invention, decryption key Di can be encrypted with both a class encryption key CE and one or more group encryption keys GE. Additionally, an unencrypted representation of the particular class Cj is also appended to the encrypted information Ei[M] by coder module 22. Thus, as will be seen below, when card C is to be verified the necessary decryption key Di can be obtained by decrypting encrypted decryption key X[Di].

Turning now to Figure 2, apparatus 50 for validating an identification card C is shown. The back CB of card C is scanned by a barcode scanner 52 having the capability to scan an appropriate two dimensional barcode. The scanned signal is then decoded by decoder module 54 and decrypted by decrypter module 58. In a preferred embodiment of the subject invention decrypter 58 stores decryption key X, which is used to decrypt encrypted key X[Di] to obtain decryption key Di, as will be further described below, in key memory 59. Key Di is then used to decrypt the decoded signal scanned from card back CB.

Key X (or keys) is obtained by decrypter 58 from center 40. Typically, key X will remain constant during operation of system 50, as described above, and a direct communication link between system 50 and center 40 is not necessary and key X may be transmitted in any convenient manner.

The decrypted scan signal is then expanded by an algorithm complementary to the compression algorithm used in system 10, in a conventional manner which need not be described further for an understanding of the subject invention.

The decrypted, expanded signal is then displayed by a conventional display 62. The display includes a representation RI of image I and the text message T which was included in the encrypted second signal scanned from card back CB. To verify the card, image I is compared with its representation RI, and the text message T as printed on card C and as shown on display 62 are compared. It should be noted that with compression representation RI will be somewhat degraded with respect to image I. It has been found however that using the above described JPEG algorithm a sufficiently accurate representation of an image of a person's face may be coded as approximately 1,000 bytes of data and printed using the above described PDF-417 two dimensional barcode in an area of approximately 2.50 by 1.75 inches on the back of a substantially conventional wallet sized card. Of course, as described above, with improvements in storage technology and/or the use of media having a high data storage capacity as embodiments of identification cards C, representation RI can be arbitrarily close to image I.

Once card C is validated by comparison of image I and text message T printed on card front CF with representation RI and the text message T as shown on display 62, then the identity of the person O carrying card C may be confirmed by comparison of person O with image I. Text message T will then confirm the identity of person O and may also confirm the status or characteristics of person O.

Turning to Figure 3, the data relationships between keys stored in key memory 59 and the coded information on card back CB for a preferred embodiment of the subject invention is shown. Memory 59 includes storage location 59-0 which comprises class enable flags 1-N. Additionally, memory 59 includes storage locations 59-1 through 59-N which initially store predetermined class decryption keys CD1 through CDN. To enable a selected group of classes apparatus 50 receives enabling information from data center 40. In accordance with this embodiment of the subject invention the enabling information comprises a code word which is written into location 59-0. Asserted bits of the code word enable the corresponding class decryption keys. That is, if the jth bit of the code word is asserted class decryption key CDj is enabled.

To validate a document apparatus 50 scans the information from card back CB as described above. From the unencrypted class identification Cj apparatus 50 determines that card C is in the particular class Cj. Apparatus 50 then tests the jth bit of storage location 59-0 and, if the bit is asserted, decrypts the encrypted decryption key CEj[Di] with the corresponding, enabled class decryption key CDj, decrypts the encrypted information Ei[M] and validates the card as described above.

Typically, apparatus 50 will be primarily intended to validate particular class Cj and the jth bit of location 59-0 will initially be asserted. For example, if apparatus 50 is located in a particular state and card C is a driver's license then class Cj will be driver's licenses issued by that state and the jth bit will be initially asserted in location 59-0.

At a later time the user of apparatus 50 may wish to add additional classes of documents which can be verified. For example, the user may wish to verify driver's licenses from neighboring states. To do this the user requests enabling information from data center 40. In response to this request data center 40 transmits a new code word wherein bits corresponding to the class decryption keys for the neighboring states are asserted.
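The class-enable mechanism of Figure 3 can be traced in a short Python sketch. This is an added example, not part of the patent: it uses textbook RSA over small fixed primes (illustrative only, not secure), and the names `issue_card`, `Verifier`, `load_code_word` and the sample card texts are assumptions made for the illustration.

```python
# Toy model of the Figure 3 embodiment (added example, not from the patent).
# Textbook RSA over small fixed primes: illustrative only, not secure.

PUB = 65537  # fixed exponent used as the "decryption" half of every key pair


def keypair(p, q):
    """Return (enc, dec, n): enc stays with the issuer, dec goes to verifiers."""
    n = p * q
    enc = pow(PUB, -1, (p - 1) * (q - 1))  # modular inverse, Python 3.8+
    return enc, PUB, n


def blocks(data, size=8):
    """Split bytes into integers small enough for the document modulus."""
    return [int.from_bytes(data[i:i + size], "big")
            for i in range(0, len(data), size)]


# Constructed keys (Mersenne primes keep the example deterministic).
CLASS_KEYS = {  # class index j -> (CE_j, CD_j, n_j)
    0: keypair(2**89 - 1, 2**107 - 1),
    1: keypair(2**107 - 1, 2**127 - 1),
}
DOC_KEY = keypair(2**61 - 1, 2**31 - 1)  # (E_i, D_i, n_i)


def issue_card(class_id, text):
    """Issuer side: printed text plus the coded data for the card back."""
    e_i, d_i, n_i = DOC_KEY
    ce_j, _, n_c = CLASS_KEYS[class_id]
    return {
        "class_id": class_id,  # unencrypted class identification C_j
        "text": text,          # M, printed in plain text on the front
        # E_i[M]: the document information encrypted block by block
        "enc_info": [pow(b, e_i, n_i) for b in blocks(text.encode())],
        # CE_j[D_i]: the document decryption key wrapped with the class key
        "enc_key": [pow(d_i, ce_j, n_c), pow(n_i, ce_j, n_c)],
    }


class Verifier:
    """Apparatus 50: all CD_j preloaded, gated by the code word in 59-0."""

    def __init__(self, code_word):
        self.class_dec = {j: (cd, n) for j, (_, cd, n) in CLASS_KEYS.items()}
        self.code_word = code_word

    def load_code_word(self, code_word):
        """Store new enabling information received from the data center."""
        self.code_word = code_word

    def verify(self, card):
        j = card["class_id"]
        # Test the jth bit of the code word before touching CD_j.
        if j not in self.class_dec or not (self.code_word >> j) & 1:
            return "class not enabled"
        cd_j, n_c = self.class_dec[j]
        # Recover D_i from CE_j[D_i] with the enabled class decryption key.
        d_i, n_i = (pow(c, cd_j, n_c) for c in card["enc_key"])
        if n_i < 2:  # a garbage key cannot serve as a modulus
            return "altered"
        # D_i[E_i[M]] compared with M derived from the document itself.
        recovered = [pow(c, d_i, n_i) for c in card["enc_info"]]
        expected = blocks(card["text"].encode())
        return "authentic" if recovered == expected else "altered"
```

A verifier constructed with code word `0b01` accepts only class 0 cards; loading `0b11` enables class 1 without any new key material being sent to it.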

In accordance with a preferred embodiment of the subject invention this enabling information may be encrypted, either with class encryption key CE, or with any other convenient key, and decrypted by apparatus 50 prior to storing the code word in location 59-0.

More particularly, enabling information may be transmitted to apparatus 50 in substantially the same manner as information for recharging of a postage meter is transmitted, as is described in U.S. patent no. 4,097,923 to: Eckert, Jr. et al.; issued: June 27, 1978; which is hereby incorporated by reference. In this embodiment of the subject invention apparatus 50 would transmit an identification code as well as encrypted information which would include a request for enabling information to enable a selected group and a secure serial number not accessible to users of apparatus 50. The encrypted information can be encrypted with class decryption key CDj or any other convenient key. Upon receipt of this request data center 50 identifies the appropriate key to decrypt the encrypted information with encryption key CEj or other appropriate corresponding key.

Data center 40 then generates appropriate enabling information, i.e. a code word having the bits corresponding to the requested classes asserted, and encrypts it with class encryption key CEj or other convenient key and transmits the encrypted enabling information to apparatus 50 for decryption and storage in location 59-0.

As noted above, decryption keys used by apparatus 50 will not normally be changed during normal operations and accordingly transmission of data between apparatus 50 and the data center may take place in any convenient manner including, but not limited to: communications over a data communications link, physical transmission of installable data storage devices such as floppy disks or programmable read only memory chips, or transmission between human operators for manual data input.

In an alternative embodiment, similar to that discussed above, the enabling information may comprise class decryption keys comprised in a selected group and the remaining locations in memory 59 will contain null information. In this embodiment class enabling flags 59-0 are unnecessary since attempted decryption with null information will produce meaningless results.

In still another alternative embodiment, where it is desired to allow verifying apparatus to verify later added classes without communicating with a data center, memory 59 stores all present and possible future class decryption keys CD which are all permanently enabled.

Figure 4 shows the data relationship for another embodiment of the subject invention wherein memory 59 includes only a single storage location having two portions, a group decryption key GDk portion 59-k and a group definition portion 59-h. Card back CB includes a class identification Cj, an encrypted decryption key CEj[Di], and encrypted information Ei[M], all as described above. Additionally, card back CB includes an encrypted decryption key GEk[Di] encrypted with a group encryption key GEk which is used for at least one other class of documents. That is, there is at least one class Ck of documents wherein a decryption key D'i is encrypted with group encryption key GEk. To validate the information apparatus 50 reads the class identification Cj and tests it against the group K definition 59-h to determine if the group decryption key GDk can be used to decrypt decryption key Di for documents in class Cj. Apparatus 50 then decrypts encrypted decryption key GEk[Di] to recover decryption key Di and validates card C as described above.

It will be apparent that cards in class Cj may belong to more than one group of classes, in which case card back CB will include appropriate corresponding encrypted decryption keys encrypted with appropriate group encryption keys. In this case the encrypted decryption keys GE[Di] will include a tag T so that the appropriate encrypted decryption key can be quickly identified without the need for trial and error decryption of all keys.

In this embodiment of the subject invention enabling information to change the group of classes which apparatus 50 can validate would include the appropriate group decryption key and the appropriate header identifying the classes which can be validated.

The preferred embodiments described above have been given by way of example only, and other embodiments of the subject invention will be apparent to those skilled in the art from consideration of the detailed descriptions set forth above and the attached drawings. Accordingly, limitations in the subject invention are to be found only in the claims set forth below.

Particularly, the subject invention is not limited to identification cards but is applicable to any document including image data, text, or combinations thereof or any other convenient form of information for which the need exists for validation that the information is authentic and unchanged.

While the preferred embodiment identifies the class of a document by identification information Cj it is also within the contemplation that the class may be determined by attempting to decrypt the document with all available decryption keys and testing the results for a meaningful message.

Claims

1. A method for verifying a document belonging to a jth class of documents, said jth class being one of a plurality of classes of documents, each of said classes corresponding to a class encryption/decryption key pair CE, CD, said document incorporating encrypted information Ei[M] comprising information M derived from said document and encrypted with an encryption key Ei for an encryption/decryption key pair Ei, Di, and said document further incorporating an encrypted decryption key CEj[Di] comprising decryption key Di for said key pair Ei, Di encrypted with encryption key CEj for encryption/decryption key pair CE, CD associated with said jth class, said method comprising the steps of:

a) providing enabling information for enabling retrieval of a decryption key from any document in a selected group of said classes;

b) determining if said document is in said selected group, and if so retrieving said decryption key Di from said document;

c) decrypting said encrypted information Ei[M] to obtain decrypted information Di[Ei[M]] and deriving said information M from said document; and

d) comparing said decrypted encrypted information Di[Ei[M]] with said information M to verify the information contained in said document as authentic and unchanged.

2. A method as described in claim 1 further comprising the step of:

a) providing verifying means for receiving said enabling information and for decrypting said encrypted information Ej[M], said verifying means further comprising memory means for storing preselected decryption keys CD, said preselected keys CD being in one-to-one correspondence with said classes, and still further comprising means responsive to said enabling information for enabling said verifying means to access selected groups of said preselected keys; and wherein,

b) said enabling information comprises information defining a group of said preselected keys CD corresponding to said selected groups of classes.

3. A method as described in claim 2 wherein said enabling information comprises a code word, the bits being in one-to-one correspondence with said preselected keys CD, said verifying means storing said code word and said enabling means responding to said code word to enable access to one of said preselected keys if and only if a corresponding bit of said code word is asserted.



4. A method as described in claim 3 wherein said code word is encrypted, said verifying means decrypting said code word prior to storing said code word.

5. A method as described in claim 4 wherein said verifying means initially stores a first code word having an asserted bit corresponding to one of said preselected keys CDj, said preselected key CDj corresponding to said jth class; and wherein subsequent values for said code word are encrypted with said key CEj.

6. A method as described in claim 2 comprising the further step of:

a) transmitting request information to a data center, said request information including encrypted information identifying said verifying means and a request for enabling information defining said group of said preselected keys CD corresponding to said selected group of classes; wherein said data center decrypts said encrypted identifying information and responds to send said requested enabling information to said verifying means.

7. A method as described in claim 1 further comprising the steps of:

a) providing verifying means for receiving said enabling information and for decrypting said encrypted information Ej[M], said verifying means further comprising memory means for storing a plurality of decryption keys CD; and wherein,

b) said enabling information comprises information defining a group of said decryption keys CD corresponding to said selected group of classes; and

c) said verifying means further comprises means responsive to said enabling information for storing said group of decryption keys in said memory means.

8. A method as described in claim 7 wherein said verifying means initially stores at least decryption key CDj for said jth class and subsequent values for said enabling information are encrypted with said corresponding key CEj.

9. A method as described in claim 7 comprising the further step of:

a) transmitting request information to a data center, said request information including encrypted information identifying said verifying means and a request for enabling information defining said group of said decryption keys corresponding to said selected group of classes; wherein said data center decrypts said encrypted

means.

providing verifying means for receiving said enabling information and for decrypting said encrypted information Ej[M], said verifying

storing a decryption key; and wherein,

said enabling information comprises

said key pair GE, GD, said decryption key GD

keys on all documents comprised in said selected

said verifying means further comprises means responsive to said enabling information for storing said decryption key GD in said memory means.

11. A method as

enabling information comprises said group decryption key GD in encrypted form.

decryption key pair Ej, Dj, an encrypted decryption key CEj[Dj] comprising

encrypted with encryption key CEj for key pair CEj, CDj, and class information identifying said document as belonging to said jth class, said method comprising the steps of:

a) providing validating means for decrypting said encrypted information Ej[M], said validating

storing a sequence of preselected decryption keys CD1, CD2, ... CDn wherein the jth key in said sequence CDj is the decryption key for said key pair CEj, CDj and means responsive

from said memory means;

b) inputting said class information from said document to said validating means;

c) said validating means retrieving said jth key in said sequence CDj from said memory

d) said validating means then decrypting said encrypted decryption key CEj[Dj] to obtain said decryption key Dj, and then decrypting said encrypted information Ej[M] to obtain decrypted information Dj[Ej[M]];

e) deriving said information M from said document; and

f) comparing said decrypted information Dj[Ej[M]] from said verifying means with said

contained in said document as authentic and unchanged.

encryption key CE.

means.



15. An apparatus for verifying a document belonging to a jth class of documents, said jth class being

said classes corresponding

encryption/decryption key pair CE, CD, said document incorporating encrypted information Ej[M] comprising information M derived from said document

an encryption/decryption key pair Ej, Dj, and said document further incorporating encrypted decryption key

CEj, CDj associated with said jth class, comprising:

means responsive to enabling information

any document in a selected group of said classes of documents, and responsive to said identifying information to determine if said document is in said selected group, and if so retrieving said decryption key Dj from said scanned information;

c) means for decrypting said encrypted information Ej[M] from said scanned information to obtain decrypted encrypted information Dj[Ej[M]]; and

d) means for comparing said decrypted encrypted information Dj[Ej[M]] with said information M to verify the information contained in said document as authentic and unchanged.

16. An apparatus as described in claim 15 wherein said enabling means further comprises memory means for storing preselected keys CD, said preselected keys CD being in one-to-one correspondence with said classes, and wherein said enabling means responds to said enabling information to enable access to a group of said preselected keys CD, said group of keys corresponding to said group of classes.

17. An apparatus as described in claim 16, wherein said enabling information comprises a code word, and said enabling means further comprises a storage location for storing said code word, bits of said code word being in one-to-one correspondence with said preselected keys, said apparatus further comprising means for storing said code word in said storage location upon receipt of said enabling information and said enabling means responding to asserted bits of said stored code word to enable access to corresponding ones of said keys CD.

18. An apparatus as described in claim 17 wherein said code word is encrypted, said decrypting means being further for decrypting said code word prior to storing said code word.

19. An apparatus as described in claim 16 further comprising:

a) means for transmitting request information to a data center, said request information including encrypted information identifying said apparatus and a request for enabling information defining said group of said preselected keys CD corresponding to said group of classes, wherein said data center decrypts said encrypted identifying information and responds to send said requested enabling information to said apparatus.

20. An apparatus as described in claim 15 wherein said enabling means further comprises a memory means for storing a plurality of said preselected keys CD, and wherein said enabling information comprises information defining a group of said decryption keys CD corresponding to said selected group of classes; said apparatus further comprising means responsive to said enabling information for storing said group of decrypting keys in said memory means.

21. An apparatus as described in claim 20 wherein said apparatus initially stores at least a decryption key CDj for said jth class and subsequent values for said enabling information are encrypted with said corresponding key CEj.

22. An apparatus as described in claim 20 further comprising:

a) means for transmitting request information to a data center, said request information including encrypted information identifying said apparatus and a request for enabling information defining said group of said preselected keys CD corresponding to said group of classes, wherein said data center decrypts said encrypted identifying information and responds to send said requested enabling information to said apparatus.

23. An apparatus as described in claim 15 wherein said document further incorporates a second encrypted decryption key GE[Dj] encrypted with a group encryption key GE for an encryption/decryption key pair GE, GD, and wherein documents in at least a kth class incorporate a third encrypted decryption key GE[Dj']; and said enabling means further comprises memory means for storing a decryption key GD for said encryption/decryption key pair GE, GD, said decryption key GD enabling decryption of encrypted decryption keys on all documents comprised in said selected group; said apparatus further comprising means, responsive to said enabling information, for storing said decryption key GD in said memory means.

24. An apparatus as described in claim 23 wherein said enabling information comprises said group decryption key GD in encrypted form and said decrypting means is further for decrypting said encryption of decryption key GD prior to storing said decryption key GD in said memory means.



25. An apparatus as described in claim 24 wherein said apparatus initially stores said class decryption key CDj and said enabling information comprises encrypted decryption key CEj[GD] encrypted with said corresponding encryption key CEj.

26. An apparatus as described in claim 23 further comprising:

a) means for transmitting request information to a data center, said request information including encrypted information identifying said apparatus and a request for enabling information defining said group decryption key GD; wherein said data center decrypts said encrypted identifying information and responds to transmit said request enabling information to said apparatus.

27. An apparatus for validating a document belonging to a jth class of documents, said jth class of documents corresponding to an encryption/decryption key pair CEj, CDj, said document incorporating encrypted information Ej[M] comprising information M derived from said document and encrypted with an encryption key Ej for an encryption/decryption key pair Ej, Dj, and encrypted decryption key CEj[Dj] comprising decryption key Dj encrypted with encryption key CEj for key pair CEj, CDj, and class information identifying said document as belonging to said jth class, said apparatus comprising:

a) means for scanning said document to input scanned information, said scanned information including said encrypted information Ej[M], said encrypted decryption key CEj[Dj], and information identifying said jth class Cj;

b) memory means for storing a sequence of preselected decryption keys CD1, CD2, ... CDn, wherein the jth key in said sequence CDj is the decryption key for said key pair CEj, CDj;

c) means responsive to said class identifying information for retrieving said jth key CDj from said memory means;

d) means responsive to said jth key CDj for decrypting said encrypted decryption key CEj[Dj] and then decrypting said encrypted information Ej[M] to obtain decrypted information Dj[Ej[M]]; and

e) means for comparing said decrypted encrypted information Dj[Ej[M]] with said information M to validate said document as authentic and unchanged.
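
The verification flow of claims 1 and 27, with the code-word gating of claims 3 and 17, as an added Python sketch that is not part of the patent text. It assumes textbook RSA without padding and constructed toy keys built from Mersenne primes, used only so that the Ej/Dj and CEj/CDj relationships can be run; all function and field names are hypothetical.

```python
import hashlib

# Assumption: textbook RSA, no padding, toy keys. Illustrates key roles only.
def keypair(p, q, e=65537):
    """Textbook RSA pair from two primes: (encryption key, decryption key)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)

def apply_key(key, value):
    """Raise one integer to the key's exponent modulo the key's modulus."""
    exponent, modulus = key
    return pow(value, exponent, modulus)

def derive_m(text, image, modulus):
    """Information M derived from the document, reduced below the modulus."""
    h = hashlib.sha256(text + b"\x00" + image).digest()
    return int.from_bytes(h, "big") % modulus

def issue(text, image, j, e_j, d_j, ce_j):
    """Build a document of class j carrying Ej[M], CEj[Dj] and Cj."""
    return {"text": text, "image": image, "class": j,
            "E_M": apply_key(e_j, derive_m(text, image, e_j[1])),
            "CE_D": [apply_key(ce_j, part) for part in d_j]}

class Verifier:
    def __init__(self, class_keys, code_word):
        self.class_keys = class_keys  # preselected keys CD, index j = class j
        self.code_word = code_word    # bit j asserted <=> CDj may be used

    def verify(self, doc):
        j = doc["class"]
        if not 0 <= j < len(self.class_keys) or not (self.code_word >> j) & 1:
            return "class not enabled"
        d_j = tuple(apply_key(self.class_keys[j], part) for part in doc["CE_D"])
        if d_j[1] < 2:  # a damaged CEj[Dj] can decode to an unusable modulus
            return "rejected"
        m = derive_m(doc["text"], doc["image"], d_j[1])
        return "authentic" if apply_key(d_j, doc["E_M"]) == m else "rejected"

# Constructed toy keys from Mersenne primes (trivially factorable).
MERSENNE = {k: 2**k - 1 for k in (31, 61, 89, 107, 127)}
CLASS_KEYS = [keypair(MERSENNE[a], MERSENNE[b])
              for a, b in ((89, 107), (107, 127), (89, 127))]
E_J, D_J = keypair(MERSENNE[31], MERSENNE[61])

def demo():
    doc = issue(b"NAME: A. SAMPLE", b"<image bytes>", 1, E_J, D_J, CLASS_KEYS[1][0])
    forged = dict(doc, text=b"NAME: B. OTHER")
    cds = [cd for _, cd in CLASS_KEYS]
    return (Verifier(cds, 0b010).verify(doc), Verifier(cds, 0b010).verify(forged),
            Verifier(cds, 0b101).verify(doc))
```

The same genuine document is refused by a verifier whose code word leaves bit 1 clear, which is how the enabling information limits a verifier to a selected group of classes.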